Re: [Evolution-hackers] Evolution SSL/TLS improvements

From: Not Zed <notzed ximian com>
To: Enver ALTIN <ealtin parkyeri com>
Cc: evolution-hackers lists ximian com
Subject: Re: [Evolution-hackers] Evolution SSL/TLS improvements
Date: Fri, 19 Nov 2004 21:16:56 +0800

On Fri, 2004-11-19 at 03:11 +0200, Enver ALTIN wrote:

Hi,

On Thu, 2004-11-11 at 17:20 -0500, Rodney Dawes wrote:
> In this mockup, we have the "Test", "Work", and "Test Work" accounts
> (yes, I'm lazy, and just copied stuff
> around in GIMP). The "Test" account is connected, but is not over a
> secure connection. The "Work" account
> is connected, and secure. And, the "Test Work" account is
> disconnected. "On This Computer" is local, and
> has a special icon. To support this, we basically need to add 2 new
> flags to the CamelStore API. These flags
> would be something like CAMEL_STORE_IS_SECURE, and
> CAMEL_STORE_IS_LOCAL. This will allow us to
> determine if we are local, and once we are connected, if we are
> secure. Jeff informed me that API already
> exists to tell if we are connected, so we can add the disconnected
> icon support very easily.

Awesome. Actually, I'd love to have the security status to show up on
the send/receive dialog too.

> As far as actual behavior and settings go, the most user-friendly
> method, is to default to the highest level
> of security, and safely fall back through lower levels. Based on this
> ideology, we can get rid of the "Never"
> and "Whenever Possible" options, and just always try to do STARTTLS,
> and with the status icons in the
> tree above, the user will know what is going on. As for the "Always"
> option, we can turn it into a check
> box, and when enabled, rather than falling back to a cleartext
> connection, if STARTTLS nor SSL Port work,
> just fail to connect, and set the status to disconnected. This would
> give us the following interfaces when
> built with ssl support enabled, and without:

Well, well. What if I just don't want to get these messages over a clear
text link at all? How do I know if it will ever be able to connect
securely? How do I prevent it from retrieving any data over a clear-text
connection?

Well, in 2.1 we had the options more obvious, we had SSL, TLS, no security. But that got reverted for some totally unobvious reason to me.

Michael Zucchi <notzed ximian com>
"Free Software, putting the Free back in Free Market."
Novell's Evolution and Free Software Developer

References:
- [Evolution-hackers] Evolution SSL/TLS improvements
  - From: Rodney Dawes
- Re: [Evolution-hackers] Evolution SSL/TLS improvements
  - From: Enver ALTIN

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]